Do not you know how to choose the Cisco 642-372 exam dumps? Being worried about your Cisco 642-372 exam? Just try Certadept new version Cisco 642-372 exam dumps. High pass rate and money back guarantee!
Exam A
QUESTION 1
What is one benefit of the Cisco anti-X defense strategy?
A. applications security
B. virtual firewall protection
C. security events correlation for proactive response
D. malware, virus, and worm mitigation
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Cisco Software Advisor allows you to search either for software that is compatible with your hardware or for software with the specific features you need. Identify two items that are only available for selection when searching for specific features? (Choose two.)
A. Category
B. Type
C. Series
D. Model
E. OS
F. Engine/CPU
Correct Answer: EF Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Your company has two primary divisions: Products and Services. The Products division is on network 150.10.64.0/21. The Services division is on network 150.10.72.0/21. You want to summarize both networks into one routing statement.
Which IP address and subnet mask combination would most efficiently accomplish this?
A. 150.10.64.0/21
B. 150.10.64.0/22
C. 150.10.64.0/20
D. 150.10.0.0./16
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which Cisco SDM feature allows you to specify whether you want SDM files installed on your PC or on your router?
A. InstallShield Wizard
B. Cisco SDM Express Wizard
C. Cisco SDM Image Manager
D. Create Connection Wizard
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which two of these statements best describe fast secure roaming for the wireless core feature set using autonomous access points? (Choose two.)
A. It is compatible with all wireless clients.
B. It reduces roaming latency through reduced client RF channel scanning enhancements.
C. It reduces roaming latency to targeted times of less than 75ms.
D. Roaming occurs without reauthentication through a centralized RADIUS server.
E. It is enabled through WLSE deployment.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Wi-Fi Protected Access was an interim step on the way to the more secure WPA2. What was added in WPA2 to make it more secure?
A. PEAP
B. EAP-FAST
C. AES encryption
D. Rivest Cipher 4 encryption
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Refer to the exhibit. Deploying integrated services on the Cisco ISR Router can help reduce network cost and complexity by integrating which four of these features on the ISR? (Choose four.)
A. firewall and VPN
B. IP telephony and voice mail
C. Secure Access Control Server
D. LAN switching and Wireless LAN
E. IPS
F. Anomaly Guard and Detection
Correct Answer: ABDE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which two of these statements best describe the benefits of the Cisco Compatible Extensions Program? (Choose two.)
A. offers a feature-rich implementation alternative to Wi-Fi certification
B. accelerates the availability of innovative features while maintaining interoperability
C. provides innovative features only on Cisco’s wireless client adapters
D. provides an evolving set of specifications for interoperability
E. eliminates the need for testing by providing innovative features to wireless client vendors through a one-time license fee
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 9
On what lower-level transport protocol does CiscoWorks LAN Management Solution rely on and why?
A. TCP, because CiscoWorks LAN Management requires that packets require the reliability in the network
B. UDP, because CiscoWorks LAN Management is an application that does not require the reliability of TCP
C. IP, because CiscoWorks LAN Management requires the reliability of IP packets
D. UDP, because CiscoWorks LAN Management requires the reliability of UDP’s detection of lost packets and retransmission
E. TCP, because CiscoWorks LAN Management does not require detection and retransmission of lost packets
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which CiscoWorks component would most help you locate end-station connections at the access switch level quickly?
A. CiscoView
B. Resource Manager Essentials
C. Device Fault Manager
D. Campus Manager
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 11
You are planning to connect your three branch offices to the corporate site via Frame Relay. The first branch office has been assigned the network 10.1.0.0/16, the second 10.2.0.0/16, the third 10.3.0.0/16, and the corporate headquarters uses 10.0.0.0/16. You would like to summarize all branch and corporate networks into a single route at the corporate site.
Which network address and subnet mask should you choose?
A. 10.0.0.0/24
B. 10.0.0.0/16
C. 10.0.0.0/14
D. 10.0.0.0/15
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Which statement concerning the Active/Active failover feature is correct?
A. ASA Security Appliance failover pair must have either an Unrestricted and UR license or a UR and FO-A/A license to be able to support Active/Active failover.
B. If an active security context within the primary security appliance “fails”, the status of the primary security appliance unit changes to “failed” while the secondary failover security appliance unit
transitions to “active.”
C. Active/Active failover is supported in “multiple mode” configuration only.
D. Active/Active failover supports site-to-site IPSec VPN stateful failover.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Refer the exhibit. Which two methods enable a PC connected to the PartnerNet to connect to a server on DMZ1 but deny it access to both DMZ2 and the Inside network? (Choose two.)
A. Enable port address translation for traffic sourced from the PartnerNet PC to the DMZ1 server.
B. Disable NAT control on DMZ2 and the Inside interfaces only.
C. Enable static NAT translation for the DMZ1 server, and then use an ACL to permit the PartnerNet PC traffic to the DMZ1 server.
D. Disable NAT control on the DMZ1 interface only.
E. Lower the security level of the DMZ2 interface to 30.
F. Raise the security level of the PartnerNet interface to 55.
Correct Answer: CF Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Refer to the exhibit. What are two Cisco IOS commands that would verify connectivity between routers R1 and R2? (Choose two.)
A. show cdp neighbor
B. show controllers serial
C. show frame-relay lmi
D. show ip route
E. show running-config
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 15
The Cisco Lifecycle Services approach is primarily applicable to which type of companies?
A. the large enterprise with a global presence
B. the large enterprise with a single campus
C. the small- or medium-sized business
D. All companies, regardless of size
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 16
The PIX Security Appliance feature set is a subset of the ASA Security Appliance feature set. Which two of these features are only supported by an ASA Security Appliance? (Choose two.)
A. security contexts
B. transparent firewall
C. WebVPN
D. Active/Active failover
E. low latency queuing
F. AIP-SSM intrusion prevention
Correct Answer: CF Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Drop A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 18
A customer is considering purchasing either a Cisco Catalyst 2960 or Cisco Catalyst Express 500. Which feature can only be found on the Catalyst 2960?
A. 48 Ethernet 10/100 ports
B. Fast Ethernet and Gigabit Ethernet connectivity
C. dual-purpose copper or fiber uplinks
D. standalone fixed-configuration Layer 2 switching
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which two of these statements best describe the benefits of Cisco’s wireless IDS functionality? (Choose two.)
A. AirDefense for wireless IDS is required by autonomous APs.
B. 2.4GHz RF management can monitor both 802.11 and non-802.11 RF interference.
C. APs only monitor the RF channels that are servicing the clients.
D. Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs.
E. Autonomous APs must be dedicated IDS sensors while lightweight APs can combine client traffic and RF monitoring.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Which VMS Security Monitor tool allows you to monitor data for patterns of attacks from one machine to a list of targets?
A. Advanced Correlation Engine
B. Advanced Notification Engine
C. CiscoWorks Dashboard
D. Management Center for CSA
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 21
What is the benefit of using the Cisco Easy VPN Server feature along with the Cisco software VPN client for implementing remote-access VPNs?
A. The Cisco Easy VPN Server feature and the Cisco software VPN client use the same GUI configuration tool to simplify remote-access VPN configurations.
B. The Cisco Easy VPN Server feature allows the Cisco software VPN client to receive its security policies from the central site VPN device. This minimizes the configuration requirements at the remote location for large remote access VPN deployments.
C. The Cisco Easy VPN Server feature and the Cisco software VPN client use hardware-based encryption to reduce the CPU overhead of the central site VPN router.
D. The Cisco Easy VPN Server feature and the Cisco software VPN client enable scalable remote-access VPNs deployment by using a thick client/thin server model where the central site VPN router can handle thousands of incoming VPN connections.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 22
You are about to upgrade a router with a newer IOS version, but you would like to check for known bugs first. Which tool will allow you to do this most easily?
A. Cisco Bug Toolkit
B. Cisco Bug Matrix
C. Cisco.com Search functionality
D. Dynamic Configuration Tool
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 23
A customer is deploying a wireless core feature set using autonomous access points and requires Layer 2 roaming. What is a requirement when deploying this solution?
A. a minimum of one Cisco 4100 Series WLAN Controller
B. one WDS per subnet
C. a minimum of one Wireless LAN Services Module
D. all clients using Cisco Aironet Wireless LAN Adapters
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 24
Drop
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 25
Which two of these statements best describe the benefits of WPAv1? (Choose two.)
A. SSID broadcast prevention
B. improved mutual authentication
C. improved encryption through AES
D. improved protection against sniffing initialization vectors
E. RF jamming prevention
Correct Answer: BD Section: (none) Explanation
Explanation/Reference: QUESTION 26
The Cisco ASA Security Appliance can offer the benefit of integrating which three security services into one device? (Choose three.)
A. IPS
B. VPN Concentrator
C. ACS server
D. PIX firewall
E. CSA MC
F. DDoS Anomaly Guard and Detector
Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Drop
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 28
What are three advantages of the Cisco Integrated Services Router product family? (Choose three.)
A. provides advanced security such as hardware encryption acceleration
B. provides investment protection through increased modularity
C. comes equipped with at least one 1000-based TX interface
D. contains integrated wireless access using the 802.11 g/b standard
E. contains integrated web-based management tools for easy configuration and maintenance
Correct Answer: ADE Section: (none) Explanation
Explanation/Reference:
QUESTION 29
What are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.)
A. using QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacks
B. automatic reconfigurations of the security devices based on current security threats
C. containment and control of security threats
D. application security
E. anti-x defense
F. virtual firewall
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Which of these statements regarding Cisco’s WebVPN support is correct?
A. Cisco ISR Routers with the Enhanced Security Bundles support WebVPN.
B. Cisco security appliances act as a proxy between the end user and the target web server.
C. Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN.
D. Cisco’s WebVPN solution supports both TCP and UDP port forwarding for legacy application support.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 31
LAB e
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 32
At which stage of the Cisco Lifecycle Services approach would you test for system acceptance?
A. Preparation
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 33
A customer has deployed a wireless core feature set using autonomous access points and now wants to include a satellite building 4,500 feet away from the main campus. The customer also wants to provide wireless access to a courtyard for wireless clients in close proximity to the antenna mounting position. Which Cisco Aironet product is the most applicable solution?
A. Cisco Aironet 1000 Series
B. Cisco Aironet 1100 Series
C. Cisco Aironet 1200 Series
D. Cisco Aironet 1300 Series
E. Cisco Aironet 1400 Series
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Which of these best describes the Cisco Lifecycle Services approach?
A. a methodology for proactively updating equipment before it reaches the end of its life
B. a methodology for introducing new technologies
C. a methodology for creating a business plan
D. a methodology for determining total cost of ownership
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Drop
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
CCNA Cisco 642-372 Exam Certification Guide is part of a recommended study program from Cisco 642-372 that includes simulation and hands-on training from authorized Cisco 642-372 Learning Partners and self-study products from Cisco 642-372.Find out more about instructor-led, e-learning, and hands-on instruction offered by authorized Cisco 642-372 Learning Partners worldwide